1 | ABAC Demo Distribution README |
---|
2 | $Date: 2003/07/16 16:26:48 $ |
---|
3 | |
---|
4 | documents - contains papers and presentations relating to ABAC. |
---|
5 | |
---|
6 | rbtm - contains java source for a credential management system which is used by |
---|
7 | the by the ABAC packages. This code base was originally developed at |
---|
8 | Stanford University with modifications made at Network Associates |
---|
9 | Laboratories. For more information, see the automatically generated |
---|
10 | documentation (javadoc) in the docs directory. |
---|
11 | |
---|
12 | * IntersectionProofNode currently only supports backward searching. |
---|
13 | Forward searching is need for a complete implementation of |
---|
14 | distributed discovery. |
---|
15 | |
---|
16 | ttg -+ contains java source code for the the ABAC packages. This code base |
---|
17 | | was developed at Network Associates Laboratories. |
---|
18 | | |
---|
19 | +-- docs - automatically generated javadoc html goes here. |
---|
20 | | |
---|
21 | +-- test - contains launch script and *.txt configuration files. |
---|
22 | | | Configuration files are grouped into different scenarios and |
---|
23 | | | may also contains scripts "go*" or test to launch a test. |
---|
24 | | | |
---|
25 | | +-- simple - simple Swedish and EPub (e-commerce) scenarios |
---|
26 | | | |
---|
27 | | +-- failed - examples of failure cases |
---|
28 | | | |
---|
29 | | +-- intersect - simple policies extended to include intersections |
---|
30 | | | |
---|
31 | | +-- linked - intersection policies extended to included linked |
---|
32 | | | roles with and without linking goals. |
---|
33 | | | |
---|
34 | | +-- heuristic_strategy - two scenarios: sweden1 and usdod, each |
---|
35 | | | are designed to exercise the heuristic, |
---|
36 | | | stingy strategy (see below) |
---|
37 | | | |
---|
38 | | +-- rtml - examples similar to linked above which incorporate RTML |
---|
39 | | credential stores and distributed discovery of RTML |
---|
40 | | credentials using distributed disovery |
---|
41 | | |
---|
42 | +-- demo - tomcat servlet source code and configuration and distributed |
---|
43 | | discovery servlet which allows access to the discovery service. |
---|
44 | | |
---|
45 | +-- INSTALL - installation notes for building and installing the demo |
---|
46 | |
---|
47 | atnvis -+ contains the visualization package in atnvis.jar (also relies on |
---|
48 | | grappa.jar from AT&T Research which is available at |
---|
49 | | http://www.research.att.com/~john/Grappa/ ) |
---|
50 | | |
---|
51 | +- demo - the demo configuration (*.prop) files generated from the |
---|
52 | | TestEngine class. |
---|
53 | | |
---|
54 | +- graphviz - the grappa java packages rely on GraphViz. Windows and |
---|
55 | | Linux binaries are included for convenience. Grappa and |
---|
56 | | GraphViz are licensed identically. Please see the README |
---|
57 | | file in this directory for more information. |
---|
58 | | |
---|
59 | +- strategy_comparison - visualization results for using various |
---|
60 | strategies in the same scenario (USSH vs |
---|
61 | SAdmir). |
---|
62 | |
---|
63 | |
---|
64 | Strategy Configuration |
---|
65 | ====================== |
---|
66 | |
---|
67 | The test engine supplied with this package can be easily configured with text |
---|
68 | files. The [Strategy] section has several configurable parameters; for example, |
---|
69 | add this on a single line "type=default". Note the left hand side parameter |
---|
70 | should be all lower case. |
---|
71 | |
---|
72 | type - set the type of strategy to use: "default" or "stingy", where the |
---|
73 | the default is a breadth first search. Stingy refer to the |
---|
74 | history-based, heuristic strategy. The remaining parameter types |
---|
75 | are only useful when the "stingy" strategy is selected. |
---|
76 | |
---|
77 | weightFile - a file name for loading and storing the weights used in the |
---|
78 | stingy strategy's algorithm. |
---|
79 | |
---|
80 | init - a single-precision floating point number for the initial value of |
---|
81 | new weights. |
---|
82 | |
---|
83 | sat - a single-precision floating point number to which a role's weight |
---|
84 | is set if the role is contained in a target that is satisfied at the |
---|
85 | end of a negotiation. |
---|
86 | |
---|
87 | training - "true" or "false" to tell the stingy strategy whether to |
---|
88 | save the set of weights generated by the current negotiation |
---|